Many years ago, in The Dark Knight, Batman’s nemesis the Joker famously observed that nobody panics when things go “according to plan – even if the plan is horrifying.” It’s when the unexpected happens that chaos erupts.

San Francisco got a taste of that chaos in late December when a power outage brought the city’s fleet of Waymo autonomous vehicles to a standstill. For hours, the self-driving cars sat motionless at darkened intersections, hazard lights blinking, blocking traffic and stranding frustrated drivers. Social media lit up with videos of the gridlock. Tow trucks worked overtime. And the ride-hailing service that had been touting its superior safety record was forced offline.

Let’s be clear: Waymo’s safety statistics are impressive. According to the company, its autonomous vehicles have 90% fewer serious injury crashes, 82% fewer airbag deployments and 81% fewer injury-causing incidents compared to human drivers over the same distance. Dr. Jonathan Slotkin, a Pennsylvania neurosurgeon and trauma specialist who analyzed Waymo’s data, suggests that if just 30% of cars were fully automated, we might prevent 40% of crashes. That’s a compelling case for autonomous vehicles.

Except when the power goes out.

The malfunctions are especially puzzling because these vehicles are specifically designed to handle lost connectivity and dead traffic signals. Poor weather on occasion knocks out traffic lights in San Francisco without causing problems. The cars run on onboard batteries and are engineered to operate in areas where wireless signals drop.

Yet they did. Or at least, they relied on something that failed when the grid went dark.

Waymo explained that while its vehicles treat nonfunctional signals as four-way stops, “the sheer scale of the outage led to instances where vehicles remained stationary longer than usual to confirm the state of the affected intersections.” Translation: the system got overwhelmed and froze.

The irony is, remote facilitation may be more critical to safe operation than we know. Some autonomous vehicle companies employ remote technicians who help these cars navigate situations they can’t solve independently. To wit, Tesla’s Robotaxis, which have onboard remote assistance monitored by humans, reportedly operated without problems during the same outage. That’s worth noting.

In the electronics industry, we understand redundancy, fault tolerance and graceful degradation. We design systems expecting failures. But public infrastructure – and that’s what these vehicles have become – requires the highest standard. When you’re transporting people, blocking intersections and potentially impeding emergency services, “system bugs and failures” aren’t acceptable.

No injuries or accidents resulted from the Waymo outages, which is fortunate. But the company has previously issued recalls after software malfunctions caused vehicles to collide with a pickup truck and a telephone pole in Phoenix. The pattern suggests that edge cases and unexpected scenarios remain significant challenges.

If you are thinking it’s unusual for electronics and public health to intersect so dramatically, you are not alone. The fundamental question remains: Are these systems truly ready for widespread deployment?

Dr. Slotkin’s assessment is that it’s in the public’s best interests to make the transition to autonomous vehicles, because even with the potential for mistakes the robots are less error-prone than humans.

But December’s power outage revealed something important: when systems fail – which eventually they all do – autonomous vehicles can create new problems even as they solve old ones. The technology may be 90% safer in normal conditions, but what happens in abnormal conditions matters too. It’s up to all of us to decide just how much.

By the next afternoon, San Francisco streets returned to normal, aside from the conspicuous absence of Waymos. When service resumed, users were still greeted with: “Our service is currently paused. We’re sorry for the inconvenience – please check back again soon.”

The inconvenience passed. The questions remain.

The Joker was right about one thing: it’s the unexpected that causes panic. If autonomous vehicles are going to share our streets, they need to be ready to handle the chaos. And so must we.

P.S. Registration for PCB East opens later this month. Be sure to check out the full slate of offerings this year: technical conferences for design and fabrication, plus three dedicated assembly tracks, including an all-day hand soldering workshop! Plus, the PCB Management Forum and the FPGA Horizons conference. All of this wraps around the one-day exhibition on April 29, featuring more than 80 companies, including AMD, Microchip, Samtec and the leading PCB EDA software vendors. Hope to see you there.

Mike Buetow is president of PCEA (pcea.net); mike@pcea.net.

• Next